Search Exploit

VMware Workstation and Fusion are prone to an local integer-overflow vulnerability because it fails to adequately bounds-check user-supplied data before copying it to an insufficiently sized memory buffer.

A local attacker can leverage this issue to execute arbitrary code on the host. Failed attempts may lead to denial-of-service conditions.

Information

Bugtraq ID:

105986

Class:

Input Validation Error

CVE:

CVE-2018-6983

Remote:

No

Local:

Yes

Published:

Nov 22 2018 12:00AM

Updated:

Nov 22 2018 12:00AM

Credit:

Tianwen Tang of Qihoo 360Vulcan Team working with the Tianfu Cup 2018 International Pwn Contest.